In Security and Trust Engineering, our research and development work focuses mainly on Network & Internet Security, Cloud and SOA Security (SOA: Service-Oriented Architectures), and Security Awareness.

Security Testing and Surveillance for Large-Scale of Software

Overview

This bachelor project is part of a joint research project between the SAP Software Security team and the HPI Internet-Technologies and Systems group. The joint project, entitled “Towards Software System Surveillance with the Security Analytics Lab”, aims to research and develop methods for automatically analyzing the logging information and mechanisms of complex SAP software from a security perspective and optimizing them accordingly. The proposed bachelor project will focus on the general study of security testing and log analysis for large-scale software and its typical deployment scenarios. Students are expected to become familiar with, and later be able to properly apply, the technical and non-technical approaches used in penetration testing, vulnerability assessment, threat modeling, and security auditing and review, among others. All participants are expected to be actively involved in our collaborative effort with the related SAP teams. The project may cover different aspects: deploying, testing, and analyzing the target SAP software (e.g., SAP NetWeaver, SAP Business Explorer (By Design), or SAP HANA Database), composing security reports, and optimizing the logging mechanisms. The general methodology and its roadmap for security auditing and surveillance of large-scale software are expected to be summarized.

Design and Architecture

We expect to propose (design and implement) an integrated platform for analyzing large-scale software from a security perspective.